Friday, June 28, 2013

Dell Sonicwall - Interview Questions

Hi readers ,
     This time i would like to share another interview experience of mine in my blog

Company Name -  Dell Sonicwall
Job Title             -   Network Security Engineer
Work Location   -  Chennai
Interview Mode  -  Telephonic

1. Can you explain about you , your educational background and Technical Background ?
2. Explain about DHCP process ?
3. What is the use of ARP Protocol ?
4. scenario -  There are two brand new systems with windows seven operating system .In one of the system      
    i have created a file and saved it to the desktop. Now my question is what are the minimum software and  
    hardware requirments required for me to get the file in another system.
5. What do you mean by proxy ARP ?
6. What is mean by SSL Handshake ?
7. what is the difference between STP and RSTP ?
8. Can you explain about VPN ?
9.  What is mean by TCP Handshake ?
10. what is mean by iterative query ?
11. Scenario -  In a router there are two routing protocol EIGRP and OSPF , by default the router will
      choose which route .
Posted by at 1 comment:
Labels: , , , , , ,

Wednesday, June 5, 2013

What happens when the Environment Temperature of the Cisco Switches Exceeds the Threshold Temperature

Hi everybody today i will share my knowledge about what will be the problem for the cisco switches if the environment temperature exceeds the Normal Operating temperature.

I will show how to check the Environment temperature details in cisco catalyst switches cisco 4507 and 6509 series.

Commands you should use to check environment temperature details are
1. show environment status.
2. show environment temperature.

Below are the ouput you will get if you type these commands in cisco switches
switch_4507>show environment temperature
Module    Sensor                       Temperature                   Status    
------+--------------------------+--------------------+------------
3             air inlet                   36C (51C,65C,68C)              ok
3             air outlet                 43C (69C,83C,86C)              ok

switch_6509>show environment temperature
VTT 1 outlet temperature: 23C
  VTT 2 outlet temperature: 25C
  VTT 3 outlet temperature: 29C
  module 1 outlet temperature: 41C
  module 1 inlet temperature: 24C
  module 1 device-1 temperature: 24C
  module 1 device-2 temperature: 39C
  module 1 EARL outlet temperature: 34C
  module 1 EARL inlet temperature: 29C
  module 2 outlet temperature: 39C
  module 2 inlet temperature: 24C
  module 2 device-1 temperature: 24C
  module 2 device-2 temperature: 37C
  module 2 EARL outlet temperature: 29C
  module 2 EARL inlet temperature: 28C
  module 3 outlet temperature: 37C
  module 3 inlet temperature: 26C
  module 3 EARL outlet temperature: 26C
  module 3 EARL inlet temperature: 27C
  module 4 outlet temperature: 39C
  module 4 inlet temperature: 25C
  module 4 EARL outlet temperature: 26C
  module 4 EARL inlet temperature: 27C
 --More--          module 5 outlet temperature: 25C
  module 5 inlet temperature: 21C
  module 5 device-1 temperature: 29C
  module 5 device-2 temperature: 30C
  module 5 asic-1 temperature: 20C
  module 5 asic-2 temperature: 20C
  module 5 asic-3 temperature: 20C
  module 5 asic-4 temperature: 20C
  module 5 asic-5 temperature: 20C
  module 5 asic-6 temperature: 20C
  module 5 RP outlet temperature: 23C
  module 5 RP inlet temperature: 24C
  module 5 EARL outlet temperature: 28C
  module 5 EARL inlet temperature: 22C
  module 6 outlet temperature: 25C
  module 6 inlet temperature: 20C
  module 6 device-1 temperature: 29C
  module 6 device-2 temperature: 29C
  module 6 asic-1 temperature: 21C
  module 6 asic-2 temperature: 21C
  module 6 asic-3 temperature: 21C
  module 6 asic-4 temperature: 21C
  module 6 asic-5 temperature: 21C
 --More--          module 6 asic-6 temperature: 21C
  module 6 RP outlet temperature: 23C
  module 6 RP inlet temperature: 24C
  module 6 EARL outlet temperature: 28C
  module 6 EARL inlet temperature: 22C
  module 9 outlet temperature: 30C
  module 9 inlet temperature: 30C
  module 9 device-1 temperature: 25C
  module 9 device-2 temperature: 28C


Posted by at No comments:

Thursday, April 25, 2013

IPv6 - The Begining

Features:

->  128bit in length.
->  Total 3.40 Trillion Trillion Trillion IP address
->   No Broadcast IP Address
->   No NAT
->  IPv6 addresses are represented as eight groups of four hexadecimal digits separated by colons, for example 2001:0db8:85a3:0042:1000:8a2e:0370:7334,
Types of address:

Link local IP address:
 -  The first three bits should be 001
 Following Combination is possible
    001 0   i.e  2
    001 1   i.e  3

Site Local IP address
 -  The first seven bits should be 1111 110
following combination is possible



Dear Readers kindly post your valuable suggestions and comments below so that i can enhance this blog with more informative and knowledgeable.

Posted by at No comments:

Monday, March 11, 2013

Syntel Corportion - Network Engineer Interview questions

Hi , i have attended Telephonic interview last week for Information Security Domain in Syntel Corporation, chennai . So i want to share my experience because i think it may be helpful to those who are searching job.

The questions i was asked during the interview are

1. The common question in all the interviews is " Tell about yourself ?"
2. Difference b/w Router and Firewall ?
3. Whether Firewall can able to terminate the network ?
3. Difference b/w the access-list in the router and Firewall ?
4. What is the port number used by Ping Command ?
5. Can you explain about the media layer in OSI model ?
6. How DHCP Works ?
7. what is the purpose of SRV Records in DNS ?
8. Router and Firewall works in which layer of OSI model ?
9. What is the use of NSLOOKUP command ?
10. what is the difference between AD in windows server 2003 and 2008 ( interms of security side)
11. What are the things you will observer , if you are asked to do firewall auditing ?
12. How will you contribute yourself to Information Security ?
13. Tell some commands you used for troubleshooting in windows or linux environment ?

Posted by at No comments:
Labels: , , , , , ,

Wednesday, February 27, 2013

Network Device Troubleshooting Tips

Corrupt image & router boots into rommon mode:

Introduction:

This page explains how to recover a Cisco 2600 Series Router and a VG200 stuck in ROMmon (rommon# >prompt).

Before You Begin

Conventions

For more information on document conventions, see the Cisco Technical Tips Conventions.

Prerequisites

There are no specific prerequisites for this document.

Components Used

This document is not restricted to specific software and hardware versions.
The information presented in this document was created from devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If you are working in a live network, ensure that you understand the potential impact of any command before using it.

Check Configuration Register Settings

If the router is stuck in ROMmon mode, the first setting that should be checked is the value of the configuration register.
The first four bits of the configuration register comprise the boot field. The value of the boot field defines the source of a default Cisco IOS® software image that will be used to run the router. If the value of the boot field is 0 (configuration register value of XXX0), on startup the system enters and remains in the ROM monitor mode (rommon>), awaiting a user command to boot the system manually. For more information on the software configuration register bit meanings, see Configuring the Software Configuration Register.
If your router keeps entering the ROMmon mode each time the system is restarted, it is probably due to the setting of the configuration register. To verify the configured value of the configuration register, use the confreg command as shown below:
rommon 2 > confreg

    Configuration Summary
enabled are:
load rom after netboot fails
console baud: 9600
boot: the ROM Monitor

do you wish to change the configuration? y/n  [n]:
As indicated by the output of the confreg command above, the configuration register is set to a value that forces the router to go into the ROMmon mode each time it is reloaded or power-cycled. To make the router boot automatically from a default Cisco IOS software image, change the configuration register value as shown below:
rommon 2 > confreg 

    Configuration Summary
enabled are:
load rom after netboot fails
console baud: 9600
boot: the ROM Monitor

do you wish to change the configuration? y/n  [n]:  y
enable  "diagnostic mode"? y/n  [n]:
enable  "use net in IP bcast address"? y/n  [n]:
disable "load rom after netboot fails"? y/n  [n]:
enable  "use all zero broadcast"? y/n  [n]:
enable  "break/abort has effect"? y/n  [n]:
enable  "ignore system config info"? y/n  [n]:
change console baud rate? y/n  [n]:
change the boot characteristics? y/n  [n]:  y
enter to boot:
 0 = ROM Monitor
 1 = the boot helper image
 2-15 = boot system
    [0]:  2

    Configuration Summary
enabled are:
load rom after netboot fails
console baud: 9600
boot: image specified by the boot system commands
      or default to: cisco2-C2600

do you wish to change the configuration? y/n  [n]: n
You must reset or power cycle for new config to take effect
By doing this, you have changed the configuration register to a value that makes it look for a valid Cisco IOS software image on startup and boot from the same. The router must now be reset.
rommon 3 > reset

System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1)
Copyright (c) 1999 by cisco Systems, Inc.
TAC:Home:SW:IOS:Specials for info
The router should now reload with a valid Cisco IOS software image.

Look for a Valid Image in Flash

If the configuration register value is set to make the system boot automatically from a default Cisco IOS software image, and if no break signal is sent during start up, the router should boot normally. However, if the router still enters the ROMmon mode, it is probably because the device is unable to locate a valid Cisco IOS software image.
The first thing you need to do then is to look for a valid Cisco IOS software image. To do this, issue the dir <device> command for each available device, and look for a valid Cisco IOS software image. For example, to look for the IOS in the Flash, use the command shown below.
rommon 1 > dir flash:
         File size         Checksum   File name   
5358032 bytes (0x51c1d0)   0x7b16    c2600-i-mz.122-10b.bin
rommon 2 >
Note that if the router returns the "bad device name" message, the device specified probably does not exist. The output above indicates that a valid image is indeed present in the Flash. Try to boot from that image using the boot command.
rommon 2 > boot flash:c2600-i-mz.122-10b.bin
program load complete, entry point: 0x80008000, size: 0x51c0dc
Self decompressing the image : #################################################
##################################
...
The router should now boot with the Cisco IOS software image specified in the boot command. However, there are times when a valid image does not exist on any of the devices or the image on the Flash might be corrupted. In these cases, a valid image has to be downloaded using Trivial File Transfer Protocol (TFTP) or by using the Xmodem procedure. Both these procedures can be carried out from the ROMmon mode.
Note: There are instances where the system message "Device does not contain a valid magic number" appears. If this happens, in addition to getting a valid Cisco IOS software image, you might need to reseat the Flash or replace it, if it is damaged.
Posted by at 1 comment:

Wednesday, November 28, 2012


Dynamic Routing Protocol :

1. RIP
2. IGRP
3. EIGRP
4. OSPF
5. BGP

RIP :
   Routing Information Protocol is a true distance vector Routing protocol which sends complete routing table  to its neighbours over a periodic time of 30 seconds. RIP is a broadcasting protocol. The maximum HOP count is 15 which means that RIP protocol will not suitable for a network where the no of router exceeds 16.
RIP protocol comes in two versions

1. RIP v1
2. RIP v2


Dear Readers kindly post your valuable suggestions and comments below which will initiate me to make this blog with more information.

Posted by at No comments:
Labels:

Thursday, November 15, 2012

Steps to Configure Site to Site VPN



R1(config)#crypto isakmp enable
R1(config)#crypto isakmp policy 1
R1(config-isakmp)#authentication pre-share 
R1(config-isakmp)#encryption aes
R1(config-isakmp)#hash sha
R1(config-isakmp)#group 2
R1(config-isakmp)#exit
R1(config)#crypto isakmp key 0 address 10.0.0.1 0.0.0.0
R1(config)#crypto ipsec transform-set yasser esp-aes esp-sha-hmac 
R1(config)#crypto ipsec security-association lifetime seconds 86400
R1(config)#ip access-list extended ramzy
R1(config-ext-nacl)#permit ip 172.16.0.0 0.0.255.255 192.168.10.0 0.0.0.255
R1(config-ext-nacl)#exit
R1(config)#
Posted by at No comments:
Labels:

Friday, November 9, 2012

BGP ( Border gateway Protocol )

             The Border Gateway Protocol is the routing protocol of the Internet. Actually internet is comprised of Many Autonomous Systems ( AS ).BGP’s task is to maintain lists of efficient paths between ASes.
             A set of computers and routers under a single administration, such as a university or company network, is known as an autonomous system (AS)
How BGP Works : 
      
             BGP Works by Establishing a Network Connection with another BGP Router using TCP 
protocol on port no 179. Once the connection is established between two routers then those routers are said to be BGP Neighbours. 

            After BGP peering finishes then two routers will exchange their Routing Information eachother and each router will buid up their forwarding information base based on Routing Information base and local policy rules.

             Each AS will have many routers for internal communication, and one or more routers for communications outside the local network.Internal routers use internal BGP (iBGP) to communicate with each other, and external routers use external BGP (eBGP). (iBGP and eBGP are the same protocol, but use different routing rules; iBGP does not advertise third-party, outside routes.)
The BGP standard defines four message types:
•  OPEN
•  UPDATE
•  NOTIFICATION
•  KEEPALIVE.



OPEN Message Format :
                Field  
    Length (bytes)
BGP version
1
Autonomous system number
2
Hold time
2
BGP identifier (IP address)
4
Optional parameters length
1
Optional parameters
variable: 0..255 bytes




UPDATE Message Format
                 Field
Length (bytes)
Withdrawn routes length
2
Withdrawn routes
variable
Path attributes length
2
Path attributes
variable
Network layer reachability information
variable






Dear Readers kindly post your valuable suggestions and comments below which will initiate me to make this blog with more information.












Posted by at No comments:
Labels:

Tuesday, November 6, 2012

Install And Configuration of CSMARS


Steps to Install and Configure CSMARS:

  1. Insert the CSMARS Software CD into the CD Drive and boot the CSMARS Device.
  2. Select the type of Controller you want to install for example Global Controller or Local Controller.
  3. After Selecting, the installation process starts and goes for 10 to 15 minutes.
  4. After installation is completed u will get see the login prompt of CSMARS device.
  5. The default username is pnadmin and password is pnadmin.
  6. Pnadmin username is the administrative user account.
  7. Now lets start to configure CSMARS device to monitor your network and Network Devices for any Security Threats
  8. CSMARS device comes with two Gigabit  Ethernet Interfaces and one interface will be assigned with default ipaddress ( i.e 192.168.0.X series )
  9. Now assign the ipaddress , subnet mask and the default gateway address according to your organization  rules
  10. After assigning Ipaddress only you are really ready to configure CSMARS devices to play a vital role in securing your network.
  11. Take your CSMARS device remotely using web browser.
  12. Login through the Logon Credentials.
  13. You will be asked to upload licence file document which you got while purchase.
  14. That’s  all you almost configured the CSMARS device basically.
           Don’t take a breath there are lots to configure ,that will be updated very shortly .


Posted by at No comments:
Labels:

Monday, November 5, 2012

Cybersecurity breach stories

One true story that shows what mainstream generative technology leads to in terms of online security breaches is the story of the Internet's first worm.In 1988, 60000 computers were connected to the Internet, but not all of them were PCs. Most were mainframes, minicomputers and professional workstations. On November 2, 1988, the computers acted strangely. They started to slow down, because they were running a malicious code that demanded processor time and that spread itself to other computers. The purpose of such software was to transmit a copy to the machines and run in parallel with existing software and repeat all over again. It exploited a flaw in a common e-mail transmission program running on a computer by rewriting it to facilitate its entrance or it guessed users' password, because, at that time, passwords were simple (e.g. username 'harry' with a password '...harry') or were obviously related to a list of 432 common passwords tested at each computer.The software was traced back to 23 year old Cornell University graduate student Robert Tappan Morris, Jr.. When questioned about the motive for his actions, Morris said 'he wanted to count how many machines were connected to the Internet. His explanation was verified with his code, but it turned out to be buggy, nevertheless.
Posted by at No comments:
Labels:
Subscribe to: Posts (Atom)